Secure Coding mailing list archives
Re: Towards framework security
From: Benjamin Tomhave <tomhave () secureconsulting net>
Date: Mon, 14 Mar 2011 15:36:54 -0400
That's interesting - thanks for the update Rohit. I'm curious about one thing, though (and, first, allow me to don my flak jacket). I think integrating with a project like Django to simply *ahem* "build security in" is a great approach, but I hate to see the white paper lost. Why not also look at joining efforts with something like the Rugged Manifesto movement? fwiw. On 3/11/11 1:14 PM, Rohit Sethi wrote:
Last year we released a project called the Secure Web Application Framework Manifesto on OWASP. I'd like to announce that we're closing it, in favor of simply working with Django itself. I'm hoping others will adopt the same mentality for other popular open source frameworks and libraries. Details here: http://labs.securitycompass.com/index.php/2011/03/11/closing-the-secure-web-application-framework-manifesto-project/ Cheers, -- Rohit Sethi Security Compass http://www.securitycompass.com twitter: rksethi _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
-- Benjamin Tomhave, MS, CISSP tomhave () secureconsulting net Blog: http://www.secureconsulting.net/ Twitter: http://twitter.com/falconsview LI: http://www.linkedin.com/in/btomhave [ Random Quote: ] "Perhaps in time the so-called Dark Ages will be thought of as including our own." Georg Christoph Lichtenberg _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Towards framework security Rohit Sethi (Mar 12)
- Re: Towards framework security Benjamin Tomhave (Mar 14)
- Re: Towards framework security Rohit Sethi (Mar 14)
- Re: Towards framework security Benjamin Tomhave (Mar 14)